I have 3 interfaces. I'll replace the public ips with 10.x.x.x.
eth0:
ips: 10.1.1.64-10.1.1.70
mask: 255.255.255.0
gateway: 10.1.1.1
ip route table: gw1a
eth1:
ip: 10.1.1.71
mask: 255.255.255.0
gateway: 10.1.1.1
ip route table: gw1b
eth2
ip: 10.2.2.135
mask:255.255.255.192
gateway: 10.2.2.129
ip route table: gw2
eth3 – will be used in rare cases. down most of the time. used to setup others
ip: 192.168.51.69
netmask: 255.255.255.0
gateway: 192.168.51.254
ip route table: office
While I'm setting the server up I'm connecting from 192.168.51.50.
I've made following script to set up routes. I need packets to go out using the interface they cam in from. The default gateway in main table is currently 192.168.51.254. I'll change it later to the gateway of eth0. When I run the script – I loose connection with the server. Why? Are packets that need to go to pc I'm connecting from 192.168.51.50 routed incorrectly? Are my ip route rules/routes correct. I'm not a network guru…
#!/bin/bash
ip=/sbin/ip
$ip rule show | grep -Ev '^(0|32766|32767):' | while read PRIO RULE; do
echo "Removing rule prio ${PRIO%%:*} $RULE"
$ip rule del prio ${PRIO%%:*}
done
$ip route flush table gw1a >/dev/null 1>&2
$ip route flush table gw1b >/dev/null 1>&2
$ip route flush table gw2 >/dev/null 1>&2
$ip route flush table office >/dev/null 1>&2
$ip route add default via 10.1.1.1 table gw1a dev eth0
$ip route add default via 10.1.1.1 table gw1b dev eth1
$ip route add default via 10.2.2.129 table gw2 dev eth2
$ip route add default via 192.168.51.254 table office dev eth3
for i in `/usr/bin/seq 65 70` ; do
echo "rule from 10.1.1.$i -> gw1a"
$ip rule add from 10.1.1.$i table gw1a
done
echo "rule from 10.1.1.71 -> gw1b"
$ip rule add from 10.1.1.71 table gw1b
echo "rule from 10.2.2.135 -> gw2"
$ip rule add from 10.2.2.135 table gw2
echo "rule from 192.168.51.69 -> office"
Best Answer
Solved! I've added local networks (accessible directly, without gateway) to gw1a, gw1b, gw2 and office tables:
I saw it like this in main table, so I added it to all other tables.
I'll wait for comments before I accept this as answer. I have the feeling there is a better way...